<?php
/**
 * @author 	 	 supfire@sohu.com
 * @copyright    sns
 * @version      1.0
 * @name 		 user.php
 * @todo 		 用户action
 * @final 		 2008-08-05
 */
define('IN_YCTOOL', true);
require_once('config.php');
require_once(DIR_COMM . 'common.php');
$nobarfooter = 1;
if ($user->userinfo['userid'] > 0)
{
    func::ShowMsg("您已登录，登录状态不能使用此功能！",'./',"./user.php");
}
//获取post / get 参数
$action = isset($_POST['action']) ? $_POST['action'] : "";
$email = isset($_POST['TextBoxEMail']) ? $_POST['TextBoxEMail'] : "";
$pwdQuestion = isset($_POST['pwdQuestion']) ? $_POST['pwdQuestion'] : "";
$pwdAnswer = isset($_POST['pwdAnswer']) ? $_POST['pwdAnswer'] : "";
$pwdQuestion2 = isset($_POST['pwdQuestion2']) ? $_POST['pwdQuestion2'] : "";
$pwdAnswer2 = isset($_POST['pwdAnswer2']) ? $_POST['pwdAnswer2'] : "";

$emailGet = isset($_GET['e']) ? $_GET['e'] : "";
//重设密码
$findtime = time();
$findpswtime = $findtime-(7*24*3600);

//找回密码
if ($action == 'post')
{
    $rs = $user->getUserInfoActive($email);

/*
    echo $rs['userid'];
    
    echo '<hr>';
    echo $rs['pwdQuestion'] ;
    echo '<hr>';
    echo  $pwdQuestion;
       
       
    echo '<hr>';
    echo $rs['pwdQuestion2'];
       
    echo '<hr>';
    echo $pwdQuestion2;

    echo '<hr>';
    echo $rs['pwdAnswer'];
       
        echo '<hr>';
    echo $pwdAnswer ;
        echo '<hr>';
    echo $rs['pwdAnswer2'];
       
        echo '<hr>'; 
    echo $pwdAnswer2;

    echo '<hr>';
    echo $rs['userid'] ;

    echo '<hr>';
echo $rs['pwdQuestion'] == $pwdQuestion ;

        echo '<hr>'; 
echo $rs['pwdQuestion2'] == $pwdQuestion2;

        echo '<hr>'; 
echo $rs['pwdAnswer'] == $pwdAnswer ;

        echo '<hr>'; 
        echo $rs['pwdAnswer2'] == $pwdAnswer2;

        echo '<hr>';
       */
    if($rs['userid'] && 
        (
            (
                $rs['pwdQuestion'] == $pwdQuestion 
                && $rs['pwdQuestion2'] == $pwdQuestion2
                && $rs['pwdAnswer'] == $pwdAnswer 
                && $rs['pwdAnswer2'] == $pwdAnswer2
            )
            ||
            (
                $rs['pwdQuestion'] == $pwdQuestion2
                && $rs['pwdQuestion2'] == $pwdQuestion 
                && $rs['pwdAnswer'] == $pwdAnswer2
                && $rs['pwdAnswer2'] == $pwdAnswer 
            )
        )
    )
    {
		$psw = str_shuffle('ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789');
		$psw = substr($psw, 0, 8);
		$sql = sprintf("UPDATE ".DB_TABLEPRE."user_basic SET userpass = '%s', findpsw = '0', findpswtime = 0 WHERE email = '$email'", md5($psw));
		db::query($sql);
		//$emailIn = $email ;//发送给谁 'supfire@126.com,ourmy_com@sina.com';
		$posttext = '<HTML><HEAD>
<TITLE>Mail</TITLE>
<meta http-equiv="Content-Type" content="text/html; charset='.Email_CHARSET.'">
</HEAD><BODY bgColor=#FFFFFF topmargin=5
leftmargin=5 style="FONT-SIZE:9pt; FONT-FAMILY:宋体">
您('.$email.')在童心网的密码被设置为：'.$psw.' 
<br /><br />
请您登陆并在帐户页面重新设置密码，并将其保存在安全的地方 。系统自动发送请勿回复。<br /><br />

';
	    require_once(DIR_COMM . 'sendmail.php');
	    SendMail($email, '童心网密码重设', $posttext);
	    func::ShowMsg('系统把密码发到 '.$email.' 邮箱，请登录邮箱收取并牢记您新设的密码。<br /><br/><br/> '); 
	}
	else
	{
	    func::ShowMsg('您输入的 '.$email.' 电子邮箱还没有注册过或者问题答案有误。 <br/><br/>');
	}
}
require_once DIR_COMM.'template.func.php';
require_once tpl('findpsw.html', $tpldir);
?>
